flarum/core Security Advisories for v1.7.2 (2)
-
[LOW] Flarum's logout Route allows open redirects
PKSA-t2c9-4b54-wr9g CVE-2024-21641 GHSA-733r-8xcp-w9mr
Affected version: <1.8.5
Reported by:
GitHub -
[HIGH] Flarum vulnerable to LFI and Blind SSRF via Avatar upload
PKSA-gy61-rznj-1v67 CVE-2023-40033 GHSA-67c6-q4j4-hccg
Affected version: <1.8.0
Reported by:
GitHub